How to register and use multiple AWS accounts with AWS CLI
Tadashi Shigeoka · Tue, December 11, 2018
I’ll introduce how to register multiple AWS accounts with AWS CLI and use them selectively.
Install aws cli
I’ll proceed assuming you’ve installed it referring to Installing or updating the latest version of the AWS CLI - AWS Command Line Interface.
$ aws --version
aws-cli/1.16.60 Python/3.7.1 Darwin/18.2.0 botocore/1.12.50
aws cli account registration
Register default AWS Access Key, Secret Access Key
$ aws configure
AWS Access Key ID [None]: ${YOUR_DEFAULT_ACCESS_KEY_ID}
AWS Secret Access Key [None]: ${YOUR_DEFAULT_SECRET_ACCESS_KEY}
Default region name [None]: us-east-1
Default output format [None]: table
Register second AWS Access Key, Secret Access Key
Specify the second account name with the —profile option and run the aws configure command.
$ aws configure --profile 2nd-account
AWS Access Key ID [None]: ${YOUR_2ND_ACCESS_KEY_ID}
AWS Secret Access Key [None]: ${YOUR_2ND_SECRET_ACCESS_KEY}
Default region name [None]: ap-northeast-1
Default output format [None]: json
Check aws cli configuration files
Finally, let’s check the settings of the config and credentials files created under ~/.aws.
$ tree ~/.aws
/Users/username/.aws
├── config
└── credentials
0 directories, 2 files
$ less ~/.aws/config
[default]
output = table
region = us-east-1
[profile 2nd-account]
output = json
region = ap-northeast-1
$ less ~/.aws/credentials
[default]
aws_access_key_id = ${YOUR_DEFAULT_ACCESS_KEY_ID}
aws_secret_access_key = ${YOUR_DEFAULT_SECRET_ACCESS_KEY}
[2nd-account]
aws_access_key_id = ${YOUR_2ND_ACCESS_KEY_ID}
aws_secret_access_key = ${YOUR_2ND_SECRET_ACCESS_KEY}
How to use AWS CLI by specifying account
You can use it by specifying the —profile option just like with the aws configure command.
$ aws s3 ls # use default profile
$ aws s3 ls --profile 2nd-account # use 2nd-account profile
That’s all from the Gemba where I want to use multiple AWS accounts with AWS CLI.